Sobey Media Convergence System upload path traversal_CVE-2025-14182

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in Sobey Media Convergence System 2.0/2.1. This vulnerability affects unknown code of the file /sobey-mchEditor/watermark/upload. The manipulation of the argument File leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-14182

Source VulDB

Published Dec 7, 2025 at 02:02

Affected Product

Vendor Sobey

Product Media Convergence System

Version 2.0

Affected Versions Sobey Media Convergence System 2.0
Sobey Media Convergence System 2.1

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in Sobey Media Convergence System 2.0/2.1. This vulnerability affects unknown code of the file /sobey-mchEditor/watermark/upload. The manipulation of the argument File leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-12-07T02:02:06.467Z",
    "modified": "2025-12-07T02:02:06.467Z",
    "type": "cve",
    "title": "Sobey Media Convergence System upload path traversal",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.334602\nhttps://vuldb.com/?ctiid.334602\nhttps://vuldb.com/?submit.698561\nhttps://github.com/hacker-routing/cve/issues/1",
    "id": "CVE-2025-14182",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Sobey Media Convergence System 2.0\nSobey Media Convergence System 2.1",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Media Convergence System",
    "version": "2.0",
    "vendor": "Sobey",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}